Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2011-1486

Published: 31 May 2011

libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.

Notes

AuthorNote
mdeslaur
RH apparently have a reproducer in private bug

Priority

Low

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life)
lucid
Released (0.7.5-5ubuntu27.13)
maverick
Released (0.8.3-1ubuntu18)
natty
Released (0.8.8-1ubuntu6.2)
upstream
Released (0.9.0)
Patches:
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f44bfb7fb978c9313ce050a1c4149bf04aa0a670
vendor: https://rhn.redhat.com/errata/RHSA-2011-0479.html